Access control is a security measure
Order ID:89JHGSJE83839 Style:APA/MLA/Harvard/Chicago Pages:5-10 Instructions:
Access control is a security measure
RESPOND TO THESE DISCUSSION POST BASED ON THE TOPIC “Access control is a security measure that ensures that all types of data are protected from unauthorized disclosure or modification. Access control approaches determine how users interact with data and other network resources.
In an initial post:Explain a scenario where you would apply one of the four access control measures. Why would you select one over the others?
Continue the discussion by evaluating how mandatory vacation can be used as a tool to detect fraud and help employees release their work stress.
Then, respond to your classmates. Did you agree with their opinion of the most important access control measure to use in their scenario? Why or why not?.” (TWO (2) PARAGRAPHS EACH WITH REFERENCES ON EACH OF THEM SEPARATELY, NOT TOGETHER)
Please view article herehttp://web.archive.org/web/20150110053317/http:/www.pmi.org/~/media/PDF/Knowledge%20Center/PM%20Network%20Requirements%20Article.aspx
1.dAvD dUfLA
My first thought was of an ERP system. Separation of duties is a classic method to manage conflict of interest (Gregg, Nam, Northcutt, Pokladnik, n.d.). The scenario that comes to mind is related to
sales staff and accounting staff assigned access with Role Based Access Control (RBAC). The process of defining roles is usually based on analyzing the fundamental goals and structure of an
organization and is usually linked to the security policy (owasp.org, 2016). In an ERP, sales staff would be assigned roles to create orders for customers and take payment. This means sales staff would
only have access to customer data and order data. Accounting staff would have access to payment processor data, credit card records from a company like Authorize.net, and access to the ERP
accounting data. This would separate the duties between the person who accepts payment and a person who reviews and validates records matching orders. This would prevent sales staff from
potentially giving away products to friends and family by having a review process for orders. Sales staff wouldn’t have the ability to access accounting modules to cover fraudulent activity.
RBAC is also very useful for seasonal staff and temp staff. The use of seasonal staff signifies and spike in business which indicates a need to rapidly scale up and scale down. RBAC allows administrators to quickly assign predefined roles to staff that may be hired and start employment all within a very short window.
2.jFfY pIcD). Wk4
At work we have a program called backoffice were regular store employees, assistant managers and the store manager can access different functions on the POS to gain different information. When an
employee is set up in the POS they are given an access level either access 1, which allows full access to functions in back office, access 2, which allows most functions to be accessed in backoffice, or
access level 3, which has very VERY limited access and allows the user to access the most basic of functions in back office. I would consider this to be Role Based Access Control because you are
given your access level based on your position in the store. Store Managers have level 1, Assistant Managers are level 2, and all other employees are level 3. This helps to ensure that the correct tasks
can be accessed by the correct position and certain information is not seen or accessed by those not authorized to see it.
I am a strong believer that everyone should be allowed vacation time throughout somepoint in the year. I found it interesting that it could be used to detect fraud because managers can use the time that the employee has off to investigate and see if they are doing anything that could harm the company. It is also a way for employees to release their work stress because it gives them time away from work to be with thier familes and to relax
3.bReT gAtH).Discss
I work in many regulatory environments, and so we have multiple programs institute rule-based access control, in addition to the other three types. The rule-based access control has been employed in
certain evidence databases whereby staff have access to their group’s evidence (role-based), however, access to certain evidence within each group may only be allowed if you have certain rights (rule-
based), e.g., are on an additional list. In addition, managers from each group (role-based), have the ability to “invite” staff from other groups to view their protected material (a mixture of role- and rule-
base access control).
To expand, we generally break up individuals by departments and sometimes by subgroups within the department. In some instances we have created groups of “managers”. This second group is normally created to assist with an approval process. The grouping is generally role-based as described initially, however, the approval process described would most likely have characteristics of a roll- and rule-based configuration.
PLEASE READ THIS.IT IS VERY IMPORTANT
Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points. You must discuss the topic using your own words first. Using your own words indicate you understand
the topic of discussions. Secondly, you must cite your sources in-text. This is necessary to justify your points. Sources from several sources showed good research abilities. Lastly, you must provide
references at the bottom of your post. A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not
provide enough sharing of knowledge or proper understanding of the topic. DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for
definitions, I asked for discussions and will not buy this. You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources.
www.citationmachine.net to format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well
RUBRIC
Excellent Quality
95-100%
Introduction 45-41 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
Literature Support
91-84 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
Methodology
58-53 points
Content is well-organized with headings for each slide and bulleted lists to group related material as needed. Use of font, color, graphics, effects, etc. to enhance readability and presentation content is excellent. Length requirements of 10 slides/pages or less is met.
Average Score
50-85%
40-38 points
More depth/detail for the background and significance is needed, or the research detail is not clear. No search history information is provided.
83-76 points
Review of relevant theoretical literature is evident, but there is little integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are included. Summary of information presented is included. Conclusion may not contain a biblical integration.
52-49 points
Content is somewhat organized, but no structure is apparent. The use of font, color, graphics, effects, etc. is occasionally detracting to the presentation content. Length requirements may not be met.
Poor Quality
0-45%
37-1 points
The background and/or significance are missing. No search history information is provided.
75-1 points
Review of relevant theoretical literature is evident, but there is no integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are not included in the summary of information presented. Conclusion does not contain a biblical integration.
48-1 points
There is no clear or logical organizational structure. No logical sequence is apparent. The use of font, color, graphics, effects etc. is often detracting to the presentation content. Length requirements may not be met
You Can Also Place the Order at www.collegepaper.us/orders/ordernow or www.crucialessay.com/orders/ordernow Access control is a security measure